[Bug 1290438] [NEW] iptables -m state --state UNTRACKED uses SNAT state instead

Chaskiel Grundman Mon, 10 Mar 2014 09:36:12 -0700

Public bug reported:

An input rule like -A INPUT -m addrtype -m state --state
NEW,RELATED,UNTRACKED -j whatever


creates a rule that actually refers to the SNAT state.

Chain INPUT (policy ACCEPT)
[...]
whatever all  --  anywhere             anywhere             state 
NEW,RELATED,SNAT

This was apparently fixed upstream in 1.4.19. I will link the debian
report (700066) in a moment

ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: iptables 1.4.18-1.1ubuntu1
ProcVersionSignature: Ubuntu 3.11.0-17.31-generic 3.11.10.3
Uname: Linux 3.11.0-17-generic x86_64
NonfreeKernelModules: openafs
ApportVersion: 2.12.5-0ubuntu2.2
Architecture: amd64
Date: Mon Mar 10 12:24:44 2014
MarkForUpload: True
SourcePackage: iptables
UpgradeStatus: Upgraded to saucy on 2013-11-01 (129 days ago)

** Affects: iptables (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: iptables (Debian)
     Importance: Unknown
         Status: Unknown


** Tags: amd64 apport-bug saucy

** Bug watch added: Debian Bug tracker #700066
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700066

** Also affects: iptables (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700066
   Importance: Unknown
       Status: Unknown

** Description changed:

  An input rule like -A INPUT -m addrtype -m state --state
  NEW,RELATED,UNTRACKED -j whatever
  
  creates a rule that actually refers to the SNAT state.
  
  Chain INPUT (policy ACCEPT)
  [...]
- whatever all  --  anywhere             anywhere             UNICAST state 
NEW,RELATED,SNAT
+ whatever all  --  anywhere             anywhere             state 
NEW,RELATED,SNAT
  
- 
- This was apparently fixed upstream in 1.4.19. I will link the debian report 
(700066) in a moment
+ This was apparently fixed upstream in 1.4.19. I will link the debian
+ report (700066) in a moment
  
  ProblemType: Bug
  DistroRelease: Ubuntu 13.10
  Package: iptables 1.4.18-1.1ubuntu1
  ProcVersionSignature: Ubuntu 3.11.0-17.31-generic 3.11.10.3
  Uname: Linux 3.11.0-17-generic x86_64
  NonfreeKernelModules: openafs
  ApportVersion: 2.12.5-0ubuntu2.2
  Architecture: amd64
  Date: Mon Mar 10 12:24:44 2014
  MarkForUpload: True
  SourcePackage: iptables
  UpgradeStatus: Upgraded to saucy on 2013-11-01 (129 days ago)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1290438

Title:
  iptables -m state --state UNTRACKED uses SNAT state instead

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1290438/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1290438] [NEW] iptables -m state --state UNTRACKED uses SNAT state instead

Reply via email to